Decoding systems with a decoding engine running on a mobile device and coupled to a payment system that includes identifying information of second parties qualified to conduct business with the payment system

ABSTRACT

A decoding system with a decoding engine running on a tablet. The decoding engine decodes signals produced from a read of a buyer&#39;s financial transaction card, accepts and initializes incoming signals from a read of a buyer&#39;s financial transaction card until the signals reach a steady state, detects the read of the buyer&#39;s financial transaction card once the incoming signals are in a steady stat, identifies peaks in the incoming signals and digitizes the identified peaks in the incoming signals into bits. A transaction engine runs on the tablet and is coupled to the decoding engine. A payment system is in communication with the transaction engine and with a buyer&#39;s financial transaction card institution or a first party&#39;s financial account

CROSS-REFERENCE TO RELATED APPLICATIONS

This application is a continuation of U.S. Ser. No. 13/829,485 filedMar. 14, 2013, which is a continuation-in-part of U.S. Ser. No.13/533,171 filed Jun. 26, 2012, which is a continuation of U.S. Ser. No.12/903,801 filed Oct. 13, 2010 (now U.S. Pat. No. 8,231,055). Thisapplication is also a continuation-in-part of U.S. Ser. No. 13/298,564filed Nov. 17, 2011.

This application is related to U.S. Ser. No. 12/456,134, filed Jun. 10,2009, and is hereby incorporated herein by reference.

All of the above-identified applications are fully incorporated byreference.

BACKGROUND

1. Field of the Invention

The present invention relates generally to decoding systems, and moreparticularly to decoding systems incorporated in a tablet.

2. Description of the Related Art

Plastic cards having a magnetic stripe embedded on one side of the cardare prevalent in everyday commerce. These cards are used in varioustransactions such as to pay for purchases by using a credit card, adebit card, or a gasoline charge card. A charge card or a debit card mayalso be used to transact business with a bank through use of anautomated teller machine (ATM). The magnetic stripe card is capable ofstoring data by modifying the magnetism of magnetic particles embeddedin the stripe. The data stored on the magnetic stripe may be sensed orread by swiping the stripe past a read head. The analog waveformobtained by sensing the magnetic stripe must undergo a process known asdecoding to obtain the digital information stored in the magnetic stripeof the card.

Currently, there are hundreds of magnetic stripe readers/swipers on themarket; all of them are at least as long as the credit card itself.These existing readers/swipers can be classified as either platform cardreaders or plunge card readers. Platform card readers are traditionalcard swipers with single rails, which allow a card to be held againstthe base of the reader by the user and moved across the read head of thereader. Plunge swipers guide a card by two sets of rails and a backstop.Once the user has inserted the card against the backstop, the card isread as it is removed from the plunge swipers. Plunge swipers are commonon ATMs and other self-pay devices because they are less prone tohacking.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 depicts an example of a system diagram to support financialtransaction between a payer and a payee through a miniaturized cardreader connected to a mobile device.

FIG. 2 depicts an example of an external structural diagram of aminiaturized card reader.

FIGS. 3( a)-(b) depict examples of actual card reader with miniaturizeddesign.

FIGS. 4( a)-(b) depict examples of alignment between read head of thecard reader and magnetic stripe of card being swiped.

FIG. 5 depicts an example of a TRS connector as a part of card reader.

FIGS. 6( a)-(c) depict examples of internal structures of a miniaturizedcard reader.

FIGS. 7( a)-(b) depict examples of waveforms of data read from one trackof the magnetic stripe by read head when the card is swiped through theslot of the card reader in the forward and reverse directions,respectively.

FIG. 8 depicts a flowchart of an example of a process to support swipingof a card with a magnetic stripe through a miniaturized portable cardreader.

FIG. 9 depicts an example of schematic diagram of passive ID circuitryembedded in the card reader.

FIG. 10 depicts an example of schematic diagram that contains additionalcomponents of passive ID circuitry 22 that contribute to the userexperience.

FIG. 11 depicts an example of an implementation for passive ID circuitry22 depicted in FIG. 10.

FIG. 12 depicts a flowchart of an example of a process to deliver theunique ID to mobile device via the passive ID circuitry.

FIG. 13 depicts an example of additional encryption and/or decryptionsystems included in the passive ID circuitry for encrypting anddecrypting of unique ID of card reader.

FIG. 14 depicts a flowchart of an example of a process to supportdecoding of incoming signals from swiping of a card with a magneticstripe through a miniaturized portable card reader.

FIG. 15 depicts a flowchart of an example of a process to supportfinancial transaction between a payer and a payee through a miniaturizedcard reader connected to a mobile device.

FIGS. 16( a)-(f) depict screenshots of an example of a financialtransaction between a purchaser and a merchant through a miniaturizedcard reader connected to a mobile device.

FIG. 17 illustrates an integrated read head/mobile device embodiment ofthe present invention.

FIG. 18 illustrates one embodiment of a method of making payments usinga mobile device where a tab is opened by a first party and is selectedby a qualified second party at any geographic location of the firstparty's mobile device.

FIG. 19 illustrates an overall system architecture of a payment servicethat can be used in various embodiments of the present invention.

FIG. 20 illustrates an embodiment of the present invention for a methodof conducing on-line purchases using a mobile device.

FIG. 21 illustrates an embodiment of the present invention where amethod is provided for transferring funds to and/or from a first party'sfinancial account, and the first party's financial account informationis entered with a single initial entry to the payment service and forfuture payments the information need not be re-entered.

FIG. 22 illustrates an embodiment of the present invention with a springmember attached to the read head to provide for increased accuracy andread head adjustment.

FIG. 23 illustrates one embodiment of the present invention with a cardreader, mobile device and payment system.

FIG. 24 illustrates one embodiment of the present invention where theoutput from a read of the track goes to an amplifier, differentiator,into a comparator and then into a microcontroller.

FIG. 25 illustrates one embodiment of the present invention where a cardreader accepts a raw signal from a read head and processes the financialtransaction card read on the fly.

FIG. 26 illustrates one embodiment of the present invention where theslot of a read head has directionality.

FIG. 27 illustrates an embodiment of the present invention where theread head includes a power source.

FIG. 28 is a schematic view, according to another embodiment of thepresent invention, showing a payment device-not-present transaction.

FIG. 29 is a schematic view illustrating a payment device presenttransaction according to one embodiment of the present invention;

FIG. 30 is a schematic view illustrating a security device-presenttransaction according to one embodiment of the present invention.

FIG. 31 is a perspective view of a card reader in one embodiment of thepresent invention, with a slot with a varying width, and one end of theslot is broader than the opposite end, and the exterior housingincluding indicia for directionality.

FIG. 32 illustrates an interior review of a card reader of the presentinvention, showing the read head on one side, and electronics andcircuitry on an opposite side.

FIG. 33 illustrates an embodiment of device electronics for the cardreader in one embodiment of the present invention.

FIG. 34 illustrates an embodiment of the FIG. 33 device electronics withan analog to digital front-end and a microcontroller.

FIG. 35 illustrates an embodiment of the present invention where ananalog to digital front end can receive a raw magnetic head signal fromthe magnetic head and convert it into a processed digital signal thatthe microcontroller, producing a signal with magnetic read headelectronics.

FIG. 36 illustrates an amplifier or amplifier/filter that can be used inan embodiment of the present invention.

FIG. 37 illustrates a differentiator that can be used in an embodimentof the present invention.

FIG. 38 illustrates a comparator 536 that can be used in an embodimentof the present invention.

FIG. 39 illustrates wake-up electronics that can be used in anembodiment of the present invention.

FIGS. 40 and 41 illustrates a power source that can be used in anembodiment of the present invention.

FIG. 42 illustrates transmission electronics that can be used in anembodiment of the present invention.

FIG. 43 illustrates a card in a slot of a read head in an embodiment ofthe invention, illustrates how the card can rotate at an angle away froma bottom of the slot, and also exit at an angle relative to the slot.

FIG. 44 illustrates an embodiment of the present invention with the readhead positioned offset from a center of an associated housing, movementof a card through a slot an angle relative to the card reader and acoupled mobile device.

FIG. 45 illustrates an asymmetric spring that can be used in anembodiment of the present invention.

FIG. 46 illustrates a flow of a card read with a card reader of thepresent invention, its' interaction with a mobile device and a back endof a payment system.

DETAILED DESCRIPTION

The approach is illustrated by way of example and not by way oflimitation in the figures of the accompanying drawings in which likereferences indicate similar elements. It should be noted that referencesto “an” or “one” or “some” embodiment(s) in this disclosure are notnecessarily to the same embodiment, and such references mean at leastone.

FIG. 1 depicts an example of a system diagram to support financialtransaction between a payer and a payee through a miniaturized cardreader connected to a mobile device. Although the diagrams depictcomponents as functionally separate, such depiction is merely forillustrative purposes. It will be apparent that the components portrayedin this figure can be arbitrarily combined or divided into separatesoftware, firmware and/or hardware components. Furthermore, it will alsobe apparent that such components, regardless of how they are combined ordivided, can execute on the same host or multiple hosts, and whereinmultiple hosts can be connected by one or more networks.

In the example of FIG. 1, the system includes a mobile device 100, aminiaturized card reader 10 connected to mobile device 100, a decodingengine 110, a user interaction engine 120, and a transaction engine 130,all running on mobile device 100. Additionally, the system may alsoinclude one or more of user database 140, product or service database150, and transaction database 160, all coupled to the transaction engine130.

As used herein, the term engine refers to software, firmware, hardware,or other component that is used to effectuate a purpose. The engine willtypically include software instructions that are stored in non-volatilememory (also referred to as secondary memory). When the softwareinstructions are executed, at least a subset of the softwareinstructions is loaded into memory (also referred to as primary memory)by a processor. The processor then executes the software instructions inmemory. The processor may be a shared processor, a dedicated processor,or a combination of shared or dedicated processors. A typical programwill include calls to hardware components (such as I/O devices), whichtypically requires the execution of drivers. The drivers may or may notbe considered part of the engine, but the distinction is not critical.

As used herein, the term database is used broadly to include any knownor convenient means for storing data, whether centralized ordistributed, relational or otherwise.

In the example of FIG. 1, mobile device 100 to which the portable cardreader 10 is connected to can be but is not limited to, a cell phone,such as Apple's iPhone, other portable electronic devices, such asApple's iPod Touches, Apple's iPads, and mobile devices based onGoogle's Android operating system, and any other portable electronicdevice that includes software, firmware, hardware, or a combinationthereof that is capable of at least receiving the signal, decoding ifneeded, exchanging information with a transaction server to verify thebuyer and/or seller's account information, conducting the transaction,and generating a receipt. Typical components of mobile device 100 mayinclude but are not limited to persistent memories like flash ROM,random access memory like SRAM, a camera, a battery, LCD driver, adisplay, a cellular antenna, a speaker, a BLUETOOTH® circuit, and WIFIcircuitry, where the persistent memory may contain programs,applications, and/or an operating system for the mobile device.

In one embodiment of the present invention a system is provided withtransaction engine 130 running on mobile device 100. In response to afinancial transaction between a buyer and a seller, the mobile device100 accepts information selected including but not limited toinformation from financial transaction or information pertaining tofinancial transaction card used by the buyer in the transaction.Additionally, a financial transaction device can be utilized.Non-limiting examples of financial transaction devices include but arenot limited to a, wristband, RFID chip, cell phone, biometric marker andthe like. At least a portion of this information is communicated with athird party financial institution or payment network to authorize thetransaction. The buyer receives confirmation of the payment. Paymentconfirmation can be in real time by a payment service.

Payment confirmation can be made with a communication channel of thebuyer's choice. As non-limiting examples, confirmation of payment can bean electronic notification in the form selected from at least one of,email, SMS message, tweet (message delivered via TWITTER®), instantmessage, communication within a social network and the like.

In response to the transaction, a confirmation is made that the buyer isauthorized to use the financial transaction card in order to preventfraud. There can also be a confirmation that there are sufficient fundsfor the purchase made by the buyer.

In one embodiment, it is determined that that the buyer, authorized touse the financial transaction card, is present with the seller at thetime of the financial transaction.

Miniaturized Card Reader

In the example of FIG. 1, miniaturized card reader 10 is configured toread data encoded in a magnetic strip of a card being swiped by a buyerand send a signal that corresponds to the data read to mobile device 100via a signal plug 18. This signal is at least partially if not fullydecoded in the mobile device 100.

The size of card reader 10 is miniaturized to be portable for connectionwith mobile device 100. For a non-limiting example, the size of cardreader 10 can be miniaturized to an overall length of less than 1.5″. Inaddition, the miniaturized card reader 10 is also designed to reliablyread the card with minimum error via a single swipe by counteractingvendor specific filtering done by mobile device 100. Note that thisbroad overview is meant to be non-limiting as components to this processare represented in different embodiments. For instance the decodingengine 110 can be embedded in the card reader 10 as shown in FIG. 13 asthe decoding system 42. FIG. 2 depicts an example of an externalstructural diagram of miniaturized card reader 10. Although the diagramsdepict components as functionally separate, such depiction is merely forillustrative purposes. It will be apparent that the components portrayedin this figure can be arbitrarily combined or divided into separatesoftware, firmware and/or hardware components.

In the example of FIG. 2, miniaturized card reader 10 is shown tocomprise at least a housing 12 having a slot 14, a read head 16 embeddedon a wall of slot 14, a signal plug 18 extending out from the housing12, and an optional passive ID circuit 22.

FIG. 3( a) depicts an example of an actual card reader with miniaturizeddesign and FIG. 3( b) depicts other examples of miniaturized card readerwith width around 0.5″.

The card reader 10 includes the slot 14 and is miniaturized relative tothe size of the mobile device 100. In some embodiments, the housing 12is not included.

In one embodiment, the slot 14 is configured to maintain contact betweenthe read head 16, and the magnetic stripe of the financial transactioncard during a swipe. The signal is decoded in the mobile device 100. Thedecoding includes determining pulses in the signal and converting atleast some of the pulses to characters. In one embodiment, the slot 14has a width of no greater than 1 mm. The width of the slot 14 issufficient to enable a successful swiping of the financial transactioncard, while producing the signal. It is sized to enable the successfulswipe without creating sufficient torque between the signal plug 18 oroutput jack and the read head 16 or at the mobile device 100 to causedamage due to excessive torque. If the slot 14 is too wide, then it ismore difficult to achieve a successful swipe that produces the signal.If there is a miss, or insufficient data is generated, then theresulting signal is not competent. If the slot 14 is too narrow, thenthe financial transaction card cannot be swiped. The size of the slot 14is selected to reduce torque as discussed above. Additionally, in oneembodiment, the output jack 18 is at least partially if not fullyrotatable relative to the port it is coupled to in the mobile device100. The decoding includes error checking. In one embodiment, thedecoding includes detecting that data in the signal is from thefinancial transaction card, seeing the beginning and ending sentinelsand reconstructing data in the signal from a pattern of pulses.

In one embodiment of the present invention, the mobile device 100 has anaudio input port, a line input port a USB port and others. In oneembodiment, a sampling rate of the signal at the audio input port or aline input port of the mobile device is at least 15 kHz. In variousother embodiments, the sample rate of the signal at the audio input portor line import port can be, least 20 kHz; at least 25 kHz, at least 30kHz, at least 35 kHz or at least 40 kHz.

In one embodiment, the slot 14 is oriented and sized to reduce torqueapplied on the read head 10 when the financial transaction card isswiped through the slot 14 in order to maintain accuracy and reliabilityof the data read by the read head 10.

In the example of FIG. 2, housing 12 of card reader 10 is designed to beasymmetrical with respect to slot 14, with texture such as logo on oneside of the housing that can be felt and recognized by a user with atouch of a finger. For correct swiping of the card, the texture side ofhousing 12 should match with the texture (front) side of the card, sothat a user can easily identify the right side of the reader to swipethe card through slot 14 without actually looking at the reader or card.Even a blind person is able to swipe the card correctly by matching thetexture side of the reader with the texture side of the card.

In the example of FIG. 2, the slot 14 is wide enough and deep enough toaccept a card having a magnetic stripe so that the stripe will fitwithin the slot 14. More importantly, the slot 14 is configured toreduce the torque applied on the reader 10 when the card is swipedthrough slot 14 in order to maintain accuracy and reliability of thedata read by read head 16. Since the size of card reader 10 isminiaturized, slot 14 also has a length that is significantly less thanthe length of the card to be inserted into the slot 14.

To correctly read the data on the magnetic stripe of the card, the readhead 16 must maintain contact with the stripe as the card moves pastslot 14. If the card rocks during the swipe, the alignment of the head12 with the stripe may be compromised. As the length of the slot 14,i.e., the card path through which the card swiped though slot 14, isshortened, rocking and head alignment may become significant issues. Asshown in FIG. 4( a), if the magnetic stripe card is swiped throughwithout the base of the card resting against the flat bottom piece, themagnetic stripe will not align with the read head 16 when the card isswiped through slot 14 having a flat base 15.

In some embodiments, the base 15 of slot 14 can be changed from flat toa curved base with a radius in order to increase contact between theread head 16 and the magnetic stripe to address the rocking problem. Asshown in FIG. 4( b), the read head 16 can maintain contact with themagnetic stripe, even with some additional error due to the gradation ofcontact introduced by the curved base 15.

FIG. 5 depicts an example of signal plug 18 as part of card reader 10.Here, signal plug 18 can be but is not limited to a TRS (tip, ring,sleeve) connector also known as an audio plug, phone plug, plug, stereoplug, mini-plug, or a mini-stereo audio connector. The signal plug 18may be formed of different sizes such as miniaturized versions that are3.5 mm or 2.5 mm.

In some embodiments, signal plug 18 may be retractable within thehousing 12. In some embodiments, signal plug 18 is configured to extendbeyond housing 12 of the reader in order to accommodate connection withmobile devices 100 having cases or having a recessed plug-in socket,wherein the socket can be but is not limited to a microphone inputsocket or a line in audio input of the mobile device.

In some embodiments, housing 12 of card reader 10 is made ofnon-conductive material such as plastic so that the reader will notinterfere with the function of mobile device 100 it is connected with.Such choice of material is important since the outer case of certainmobile devices, such as iPhone 4, is conductive and serves as an antennafor the device, which function could potentially be interfered with ifthe metal case of the device gets in touch with the housing of a cardreader made of conductive material.

FIG. 6( a) depicts an example of an internal structural diagram of aminiaturized card reader. Although the diagrams depict components asfunctionally separate, such depiction is merely for illustrativepurposes. It will be apparent that the components portrayed in thisfigure can be arbitrarily combined or divided into separate software,firmware and/or hardware components.

In the example of FIG. 6( a), the internal structure inside housing 12of card reader 10 is shown to comprise at least a read head 16 withembedded circuitry, and a spring structure 20 to support read head 16.FIG. 6( b) depicts an example of an internal structure an actualminiaturized card reader. FIG. 6( c) depicts an example of separatedcomponents of read head 16 and spring structure 20 used in the actualminiaturized card reader.

In the example of FIGS. 6( a)-(c), read head 16, which for anon-limiting example, can be an inductive pickup head, detects andprovides data stored in the magnetic stripe of a card to a connectedmobile device 100. More specifically, as the magnetic stripe of a cardis swiped through slot 14 and in contact with read head 16, the cardreader device 10 reads one or more tracks of data or information storedin the magnetic stripe of the card via the detection circuitry embeddedinside the read head. Here, data stored in the magnetic stripe may be inthe form of magnetic transitions as described in the ISO 7811 standards.As the card moves past the read head 16, magnetic transitionsrepresenting data induce a voltage or waveform in a coil (not shown) ofread head 16 due to such relative movement between read head 16 and thestripe (called the Hall Effect), wherein a resistor (not shown) insideread head 16 sets the amplitude of the waveform. This waveform is sentvia the signal plug 18 into the socket which is registered by themicrophone of the mobile device 100 connected with card reader 10.

In some embodiments, read head 16 in card reader is capable of readingonly one track of data (either track 1 or 2, but not both) from themagnetic stripe in order to reduce the size and structural complexity ofcompact read head 16 as only one pin needs to be included in the readhead. FIGS. 7( a)-(b) depict examples of waveforms of data read fromtrack 1 (instead of both tracks 1 and 2 as by a traditional read head)of the magnetic stripe by read head 16 when the card is swiped throughslot 14 in the forward and reverse directions, respectively.

In some embodiments, the size or thickness of the housing 12 of cardreader 10 is configured to be narrow enough to accommodate only a singleread head 16. Such design is intended to be tampering-proof so that evenif the housing 12 is tampered with, no additional circuitry can be addedto the card reader 10 and such tampering will render the card readernon-functional.

In the example of FIGS. 6( a)-(c), spring structure 20 is a flexiblespring mounting to read head 16 without a screw, causing the read headto be suspended to housing 12 of card reader 10. Here, spring 20 caneither be connected to housing 12 via screws or welded to plastichousing 12 without using any screws. As the card moves past theread-head 16 on the miniaturized card reader, any card bending ormisalignment may cause the read head to lose contact with the magneticstripe. Spring 20 allows suspended read head 16 to swivel whilemaintaining contact pressure to track the stripe of the card beingswiped. Spring 20 is designed to be sufficiently small to fit within theminiaturized card reader 10, yet powerful enough to maintain goodcontact during the stripe. Unlike traditional spring structures, spring20 positions the supports for read head 20 inside the overall form ofthe spring, which allows the spring to flex without having to make onesupport moveable.

FIG. 8 depicts a flowchart of an example of a process to support swipingof a card with a magnetic stripe through a miniaturized portable cardreader. Although this figure depicts functional steps in a particularorder for purposes of illustration, the process is not limited to anyparticular order or arrangement of steps. One skilled in the relevantart will appreciate that the various steps portrayed in this figurecould be omitted, rearranged, combined and/or adapted in various ways.

In the example of FIG. 8, the flowchart 800 starts at block 802 where aminiaturized card reader is structured to provide sufficient contactbetween a read head and the magnetic stripe during a swipe of a card.The flowchart 800 continues to block 804 where a card with a magneticstripe is swiped through a slot of the miniaturized card reader. Theflowchart 800 continues to block 806 where the read head reliably readsdata stored in the magnetic stripe and generates an analog signal orwaveform indicative of data stored in the magnetic stripe. The flowchart800 continues to block 808 where amplitude of the waveform is set by thecircuitry inside the read head. The flowchart 800 ends at block 810where the set waveform is provided to a mobile device 100 connected withthe miniaturized card reader via the signal plug 18.

Passive ID Circuit

In some embodiments, housing 12 of card reader 10 may furtherencapsulate a passive ID circuitry 22 powered by the mobile device 100through signal plug 18, wherein passive ID circuitry 22 delivers anunique ID of the card reader to mobile device 100 only once upon thecard reader being connected to (and powered up by) the mobile device.Although both are integrated in the same housing 12, passive IDcircuitry 22 functions independently and separately from read head 18without interfering with the read head's card swiping functionsdescribed above.

FIG. 9 depicts an example of schematic diagram of passive ID circuitryembedded in the card reader. In the example of FIG. 9, passive IDcircuitry 22 may comprise at least five main subsystem/components:unique ID storage 24, communication subsystem 26, which reads andtransmits the unique ID from unique ID storage 24, power subsystem 28,which provides power to enable communication with mobile device 100, apathway subsystem 30 to route signals to signal plug 18 through thecircuitry, and a control unit 32, to orchestrate the communicationbetween different systems. All of these subsystems can be implemented inhardware, software or a combination thereof. Communication subsystem 26,power subsystem 28, and read head 16 share the same signal plug 18 forconnection with the mobile device. The components portrayed in thisfigure can be arbitrarily combined or divided into separate software,firmware and/or hardware components.

In the example of FIG. 9, unique ID storage 24 is memory containing theUnique ID of the card reader. The unique ID storage 24 can be anypersistent memory containing bytes that can be accessed by thecommunication subsystem 26.

In the example of FIG. 9, the power subsystem 28 comprises of a modifiedcharge pump, which utilizes a digital circuit to artificially raise thevoltage of a power source to a higher level. Normal charge pumpoperation requires large current which is then fed into severalcapacitors, and switching logic switches the capacitors between seriesand parallel configurations. In the example of FIG. 10, the power sourceis a bias voltage provided by the mobile device meant for detection of aconnected component. It is nominally 1.5V and is supplied through a 2 kΩresistor, resulting in a maximum current of 750 μA. Details of how thepower subsystem 28 function is described in FIG. 11.

In standard operation the pathway subsystem 30 is configured to directthe mobile device's 100 bias voltage to the power subsystem 28. Afterthe power subsystem converts the bias voltage to a system voltage, thecontrol unit 32 is able to operate. Control unit 32 configures thepathway subsystem 30 to allow the communication subsystem 26 access tothe mobile device 100. The communication subsystem 26 relays the uniqueID from the unique ID storage 24. The control unit 32 then configuresthe pathway subsystem 30 to allow the card reader circuit 16 access tothe mobile device 100.

FIG. 10 depicts an example of schematic diagram that contains additionalcomponents of passive ID circuitry 22 that contribute to the userexperience. These additional systems prevent the mobile device 100 fromperceiving that the card reader 10 has been disconnected during powercycles. These additional systems also ensure that the unique ID sentfrom unique ID storage 24 is sent as specified by the designer. Thisextra feature set comprises of a discharge subsystem 34 to force thedevice to power cycle, a fake load 36 so the mobile device 100 does notperceive a disconnect, and a monitor system 38 to manage card reader 10behavior between power cycles.

In the example of FIG. 10, communication subsystem 26 comprises a signaldriver connected with control unit 32 and unique ID storage 24. In anon-limiting embodiment of a system which sends an ID only once to amobile device 100, after the control unit 32 boots up, communicationsubsystem 26 will check a status bit in the monitor subsystem 38. Thefirst time this process occurs, the status bit will be not set. When thestatus bit is not set the ID is sent immediately. FIG. 12 contains adetailed flowchart of a non-limiting example of this process. In oneembodiment the control unit 32 will write to the status bit in monitorsubsystem 38. It will then use the discharge system 34 to reset itself.During this time the pathway subsystem 30 will be configured to directthe signal path to the fake load preventing the mobile device 100 fromdetecting a disconnect with the card reader 10. Once the power subsystem28 has completed its power cycle, the control unit 32 will read thestatus bit. Upon seeing that the status bit is cleared it will configurethe pathway subsystem 30 to direct the signal path to the card readercircuit 16. The control unit 32 will then put the system into anextremely low power state (from here referred to as a sleep state). Onlythe monitoring subsystem 38 will remain active. The monitor subsystem 38will wake the system from the sleep state at some time (time dependingon implementation) before a power cycle. The control unit 32 willnotified of the system awakening by the monitoring subsystem 38. Thecontrol unit 32 will then set the status bit on the monitor subsystem 38only if there is a voltage detected on the fake load indicating thereader is still connected. The control unit 32 will then force a powercycle.

FIG. 11 depicts an example of an implementation for passive ID circuitry22 depicted in FIG. 10. In some embodiments, power subsystem 28 hasmultiple capacitors in parallel. A voltage breaker (e.g., zener diodeetc.) and a latch are used to trigger the transition between paralleland series configurations. Once the latch is flipped, power subsystem 28will remain in series configuration until the combined voltage dropsbelow the CMOS trigger gate voltage at about 0.4V. At this time thepassive ID circuitry 22 will reset and the unique ID delivery processwill begin again.

In the example of FIG. 11, pathway subsystem 30 comprises a plurality oflatches controlled by control unit 32 for switching among varioussubsystems of passive ID circuitry 22. When passive ID circuitry 22 isin operation, the default configuration allocates the output signalthrough signal plug 18 to modified charge pump of power subsystem 28.After the latch to turn off modified charge pump 28 is triggered,control unit 32 will route signal plug 18 from read head 16 tocommunication subsystem 26 and transmit the unique ID through signalplug 18 after checking the status bit in unique ID storage 24. Pathwaysubsystem 30 will then write to the status bit in unique ID storage 24and discharge the power subsystem 28. FIG. 12 depicts a flowchart of anexample of a process to deliver the unique ID to mobile device 100 viathe passive ID circuitry 22.

In some embodiments, passive ID circuitry 22 may further includeadditional encryption and/or decryption systems as shown in FIG. 13 forencrypting and decrypting of unique ID of card reader 10. In the exampleof FIG. 13, the decoding system 42 and encryption system 40 can both usethe control unit 32 from the passive ID circuitry 22 to communicate withthe mobile device 100 over the communication subsystem 26.

Signal Decoding

Once card reader 10 provides the set waveform to the attached mobiledevice 100, the incoming signals (waveform) may be amplified, sampled,and converted to a stream of digital values or samples by decodingengine 110 running via a microprocessor inside the mobile device. Here,decoding engine 110 may comprise a pipeline of software decodingprocesses (decoders) to decode and process the incoming signals asdescribed below, where each software process in this pipeline can beswapped out and replaced to accommodate various densities of track dataread in order to reduce card swipe error rate. The incoming signals maybe of low quality due to one or more of: low quality of data read from asingle and/or low density track of a magnetic stripe of the card,sampling speed limitations of the microphone input socket of the mobiledevice, and noise introduced into the mobile device 100 from card reader10. FIG. 14 depicts a flowchart of an example of a process to supportdecoding of incoming signals from swiping of a card with a magneticstripe through a miniaturized portable card reader.

In the example of FIG. 14, the flowchart 1400 starts at block 1402 wheredecoding engine 110 initializes its internal state by waiting for thesystem voltage to reach a steady state. Upon initial connection of acard reader, there is usually a burst of signal due to feedback causedby slight impedance mismatches and the presence of non-linear elementslike the read head. After at least 3 time constants, the signal isdetermined to be in a steady state. During such initialization phase,the DC offset of the incoming signals are computed when the mobiledevice is first connected to the card reader over signal plug 18. Insome embodiments, initialization goes through at least the followingsteps:

Take one system buffer of audio signal and compute the DC offset of thisbuffer.

Save the computed DC offset.

Compute the average of the last three DC offsets.

Compute the variance of the current DC offset from the average computedin step 3.

The following values presented were found to be optimum for performancein the decoding system. In the spirit of full disclosure they have beenprovided here to allow someone trained in the arts to be able toreplicate this process. It is fully realized that many other values canbe used here and depending on hardware implementation. The values hereare meant to be non-limiting. If the variance computed in step 4 is lessthan the variance threshold, 0.06% of full scale or less than the offsetpercentage, 10% of the offset average computed in step 3, and the DCoffset computed in step 1 is less than the noise ceiling, 3% of fullscale, of the mobile device 100. After initialization is complete,decoding engine 110 can proceed to process the incoming signals todetect the swipe of the card. Otherwise, Steps 1-4 need to be repeated.

The flowchart 1400 continues to block 1404 where decoding engine 110detects the card swipe once the incoming signals are in a steady state.This signal detection phase processes the incoming signals in steadystate in order to detect the presence of a swipe of a card through thecard reader. The signal detection phase is a light-weight procedure thatoperates at near real time. It parses the incoming signals quickly andstitches multiple system buffers of signals together to form a signal ofinterest. In some embodiments, the signal detection process goes throughat least the following steps:

Apply a software upscale of system buffers of the incoming signals.

Begin taking buffers of incoming signals and look for points that exceeda minimum signal amplitude threshold, which is a hardware-basedparameterization found empirically.

Set a flag that triggers the detection of a swipe once a single pointthat exceeds the threshold is detected.

Once the flag triggered, the incoming signal is appended to a largerbuffer until the signal drops below a minimum signal amplitude thresholdfor a certain period of time, e.g., 10 ms.

Trim the last 10 ms of data to reduce the amount of signal data to beprocessed later.

Check to see if at least a certain number of samples have been collectedin the buffer to make sure that there is enough information for laterdecoding. This number is parameterized based on the hardware of themobile device used.

Alternatively, a hardware independent swipe detection process can beutilized to capture the signal of interest via Fast Fourier Transform(FFT), while trimming the front and back of the signal. Such processwould include at least the following steps:

Retrieve system buffers of incoming signals and keep a certain number ofbuffers of history of the signals.

Compute the frequency distribution of the signal history kept via FFT.

Locate two maxima in the histogram and check if one maximum is locatedat 2× the frequency of the other maximum. If this condition issatisfied, continue to add on buffers of history that exhibit suchbehavior.

Once such behavior has stopped, begin removing signals from thebeginning and ending of the signals in the buffers until SNR ismaximized, wherein SNR is defined to be the two maxima's amplitudes thatare greatest from the next maximum.

The flowchart 1400 continues to block 1406 once a card swipe is detectedto be present where decoding engine 110 identifies peaks in the incomingsignals. Peak detection is the most complex portion of decoding ofincoming signals from credit card swipes, and credit card swipe decodeshave traditionally not been done on heavily filtered signals like thesignal that enters through the TRS plug, since most mobile devicemanufacturers assume the incoming signal is audio based. This results ina wide variety of signal filtering that peak detection must account for.Different peak detection approaches discussed below can be utilized bythe microprocessor to perform peak detection in the incoming signals indifferent ways, all applying a basic, moving average low-pass filter tosmooth out some of the high frequency noise in order to overcome the lowquality data read, sampling speed limitations of the mobile device, andthe noise introduced into the mobile device.

Reactive Peak Detection

Reactive peak detection is a heuristics based approach for peakdetection, which is well suited for situations where the incomingsignals from the card swipe is not excessively distorted by the mobiledevice's filter circuitry. This approach utilizes at least the followingsteps to detect signal peaks:

Seed an adaptive positive and adaptive negative threshold with anambient noise value that is dependent on the hardware of the mobiledevice. These thresholds will be used for initial peak detection.

Begin processing through the sample buffer, and for each sample in thebuffer:

Wait for the threshold to be crossed again when either the negative orpositive threshold is crossed, except with a hysteresis factor appliedto the threshold for the second crossing. The hysteresis factor is keyin making this approach resistant to ringing in the incoming signals,which is associated with the active filter(s) of the platform hardware.

Begin looking for slope changes within this time frame once the twosamples where the threshold is crossed have been established.

If more than one slope change is found, compute the midpoint of the twosamples.

If only a single slope change is detected, then, pick the maximum pointfor the slope change.

Compare the peak's amplitude to the previously found peak's amplitude(if this has been established).

Skip the current peak and move on if its amplitude is greater than(([full scale]−[current peak amplitude])/([full scale]*100)+100) % ofthe previous peak's amplitude.

If the prior step did not result in skipping of the peak, check thepeak's polarity against the previous peak's polarity.

If the peak's polarity is the same as the previous peak's polarity, thenremove the previous peak and put the current peak in its place.

If the polarity of the current peak has changed, then simply add thecurrent peak to the list of peaks. This step is another key componentfor making this approach resistant to ringing.

Upon the finding of a peak, update the adaptive threshold of thecorresponding polarity as the polarity of the peak just found and theamplitude to be a percentage of this peak's amplitude. Here, thepercentage is a parameter varied by the detection approach being used,since higher values more accurately detects peaks, but are not asresistant to noise, while lower values are more resistant to noise, butmay pick up errant peaks associated with ringing.

Predictive Peak Detection

Predictive peak detection defers the heavy processing to the digitizingstage of decoding. Predictive peak detection is highly resistant toscratches in the card that could cause low quality or false peakinformation to manifest in the incoming signals. This approach is morememory intensive than the reactive peak detection approach since morepeaks are stored. The approach utilizes at least the following steps todetect signal peaks:

Seed a positive and adaptive negative threshold with an ambient noisevalue that is dependent on the hardware of the mobile device.

Begin going through the sample buffer. For each sample in the buffer:

Begin waiting for the slope to change when either the positive ofnegative threshold is crossed.

When the slope changes, store the current sample as a peak.

Maxima Peak Detection

Maxima peak detection detects peaks by looking for local maxima andminima within a window of digital samples. If either of these is at theedges of the window of samples, then the approach skips the window andmoves to the next window to look for local maxima and minima. Theselocal maxima and minima are then stored into a list of peaks.

The flowchart 1400 continues to block 1408 where decoding engine 110identifies the track from which data of the incoming signals are readthrough the swipe of the card via the card reader. Traditionally, track1 and track 2 came off of different pins on the read head of a cardreader, and so there was no need to guess which track is being read.Since read head 16 in card reader is capable of reading only one trackof data from the magnetic stripe, track identification becomes animportant issue. This track identification process is run by detectionengine 110 after peaks are detected to guess and recognize the track(track 1 or track 2) from which the data is read by card reader byinferring a range of peaks to be expected for signals coming from eachtrack. Since track 1 is known to be much denser in data than track 2, itis thus reasonable to expect more peaks to be identified in data comingfrom track 1. Although this process is not a definitive guess, it yieldsthe correct track value 99.9% when coupled with the peak detectionalgorithms described herein in testing. Alternatively, track guessingcan be based on the number of bits found in the digital signals afterthe digitizing stage of decoding. When a decoder fails due to guessingthe wrong track (since track identification affects how the bits fromthe digital signals are framed and matched against character sets), thedecoder may simply choose another track type, though this makes the cardprocessing more processor intensive.

The flowchart 1400 continues to block 1410 where decoding engine 110digitizes the identified peaks in the incoming signals into bits. Thedigitizing process takes the given peak information turns them intobinary data and appends them to an array of digital bits. There are twotypes of digitizers: reactive digitizing and predictive digitizing.

Reactive Digitizing

Reactive digitizing takes the given peak information as fact, andattempts to convert them into 1s and 0s in the following steps:

Go through all peak information. For each peak:

Identify the distance between each pair of adjacent peaks.

If these distances are similar (e.g., based on a parameter for finding aseries of peaks that are equidistant from each other), begin looking for1s and 0s. The initial peaks always represent zeros, since the creditcard is padded with zeros at the front and back of the signal.

Once equidistant peaks are found, identify the number of samples betweenpeaks, which is the number of samples that roughly equate to a bit.

Examine the number of samples between the current peak and the nextpeak.

Examine the number of samples between the current peak and the peakafter the next.

Compare the results from Steps 5 and 6 against the value from Step 4:

If the result from Step 5 is closer to the value from Step 4, thenidentify the bit found as a 0.

If the result from Step 6 is closer, then identify the bit found as a 1.

Tie breaking: if the distances are equal and the next two peakamplitudes are smaller than the current peak amplitude, then identifythe bit found as a 1. Otherwise, identify the bit found as a 0.

Once the peak is determined, update the bit length based on the peakfound: if the peak found was a 0, update with the value of Step 5;otherwise, use the value of step 6.

Predictive Digitizing

Predictive digitizing of detected peaks in the incoming signals does nottreat the list of peaks as facts. It first finds bit length, and thenseeks to a point in the peak list where the next relevant peak shouldbe. Once it reaches this location, it then searches before and after thelocation for the nearest peak. The process then checks the polarity ofthis peak compared to the previous peak examined. If the polarities arethe same, the bit found is identified as a 1. Otherwise, it isidentified as a 0. This method of digitizing a peak list is effective inthat it simply ignores any information that is likely irrelevant.

The flowchart 1400 ends at block 1412 where decoding engine 110 convertsthe array of digitized bits into words of card information. Thisconverting process locates the bit sequence that is the start sentinelin the array. At that point, it takes frames of bits (e.g., 5 bits fortrack 2, 7 bits for track 1) and decodes them based on a symbol table.Along the way, the process constantly checks for parity and the LRC atthe end to ensure the data is correct. If there are any errors inparity, LRC, or track length, blocks 1406-1412 may be repeated with adifferent set of parameters to get the correct signal data.

When a card swipe begins, decoding engine 110 can combine various peakdetectors and digitizers discussed above in order to cover variousranges of degradation in quality of the analog input signal generated bycard reader 10. In some embodiments, different process combinations andparameters can be chosen and optimized depending on the hardwareplatform of the mobile device. These combinations and parameter valuescan be pre-determined based on experimentation and testing andinitialized upon starting of the decoding process. The decoding thenruns through all processes specified and runs certain specific processesmultiple times in order to get the correct signal. Such decoding processallows automatic scaling and adjustment during each run to account fordifferent amounts of noise, sampling speed variations, signal ringing,and swipe direction.

Card Present Transaction without Information Sharing

In the example of FIG. 1, user interaction engine 120 is a softwareapplication running on mobile device 100 associated with a payee(merchant) that enables the payer (buyer) and the merchant to interactwith transaction engine 130 to complete a financial transaction. Morespecifically, it may take input of information related to the financialtransaction from the buyer and/or the merchant, provide such input totransaction engine to initiate and complete the transaction, and presentthe result of the transaction to the buyer and the merchant. Here, theinput of information accepted by user interaction engine 120 may includebut is not limited to one or more of: amount of the transaction,including list price and optionally tips, additional notes related tothe transaction such as written description and/or pictures of the itemto be purchased, authorization and/or signature of the buyer.

In some embodiments, other than the conventional keyboard, userinteraction engine 120 may utilize a touch screen of mobile device 100to enable the buyer and the merchant to input numbers, characters, andsignatures by touching the screen via a stylus or a finger.

In some embodiments, in addition to the result of the transaction, userinteraction engine 120 may also present products or services provided bythe merchant to the buyer in combination of one or more of text,pictures, audio, and videos, and enable the buyer to browse through theproducts and services on the mobile device to choose the one he/sheintended to purchase. Such product information can be stored and managedin product database 150.

In the example of FIG. 1, transaction engine 130 takes as its input thedecoded credit card information from decoding engine 110 and transactionamount from user interaction engine 120. Transaction engine 130 thencontacts third party financial institutions such as an acquiring bankthat handles such authorization request, directly or through a paymentsystem, which may then communicate with the card issuing bank to eitherauthorize or deny the transaction. If the third party authorizes thetransaction, then transaction engine 130 will transfer the amount ofmoney deducted from the account of the card holder (e.g., the buyer) toan account of the merchant and provide the transaction results to userinteraction engine 120 for presentation to the buyer and the merchant.In this manner, the merchant may accept a payment from the buyer viacard reader 10 and mobile device 100.

In the example of FIG. 1, although mobile device 100 is associated withthe merchant, transaction engine 130 running on mobile device 100protects the privacy of the buyer/payer during the card-presenttransaction by taking card information from the buyer directly fromdecoding engine 110 and do not share such information with the merchantvia user interaction engine 120. Here, the card information that are notshared with the merchant includes but is not limited to, card number,card holder's name, expiration date, security code, etc. In essence,transaction engine 130 serves as an intermediary between the buyer andthe merchant, so that the buyer does not have to share his/her cardinformation with the merchant as in a typical card-present transactionor an online transaction. Still, the buyer is able obtain an itemizedreceipt for the transaction completed as discussed later.

In some embodiments, although transaction engine 130 does not share cardinformation of the buyer to the merchant, it may present identityinformation of the buyer, such as a picture of the buyer on record inuser database 140, with the merchant via user interaction engine 120 sothat merchant can reliably confirm the identity of the buyer during thecard-present transaction to prevent credit fraud.

In the example of FIG. 1, user database 140, product database 150, andtransaction database 160 can be used to store information of buyer andthe merchant, products and services provided by the merchant, andtransactions performed, respectively. This information can also bestored by the payment system. Here, user information (e.g., name,telephone number, e-mail, etc.) can be obtained through online userregistration and product information can be provided by the merchant,while transaction database 160 is updated every time a transaction isprocessed by the transaction engine 130. Information stored can beselectively accessed and provided to the buyer and/or merchant asnecessary.

In the example of FIG. 1, transaction engine 130 communicates andinteracts with the third party financial institution directly or throughthe payment system, user database 140, product database 150, andtransaction database 160 over a network through the payment system (notshown). Here, the network can be a communication network based oncertain communication protocols, such as TCP/IP protocol. Such networkcan be but is not limited to, internet, intranet, wide area network(WAN), local area network (LAN), wireless network, BLUETOOTH®, WiFi, andmobile communication network. The physical connections of the networkand the communication protocols are well known to those of skill in theart.

Dynamic Receipt

In various embodiments, upon the completion of a financial transactionthrough, for a non-limiting example, card reader 10 connected to mobiledevice 100 associated with a merchant, transaction engine 130 running onthe mobile device 100 can be configured to capture additional dataassociated with the transaction and incorporate the additional data intoa dynamic receipt for the transaction, wherein in addition totransaction information typically included in a conventional receipt,the dynamic receipt may also include additional environmentalinformation of the transaction. For non-limiting examples, the financialtransaction can be an electronic transaction conducted over the Internetor a card present point-of-sale transaction where the buyer/payer makesthe purchase at a store front, other “brick-and-mortar” location, orsimply in presence of a merchant/payee.

In some embodiments, the additional environmental information includedin the dynamic receipt may include information pertaining to thetransaction environment. In one non-limiting example, a mobile deviceequipped with a Global Positioning System (GPS) receiver can be used tocapture the coordinates/location of the transaction, and record it as apart of the information on the dynamic receipt. This way, the physicallocation of the point of sale (which may be different from themerchant/payee's registered address) can be recorded and used bytransaction engine 120 to verify the transaction. In anothernon-limiting example, a mobile device equipped with a camera and/oraudio and/or video recorder can be used to capture a photo and/or avideo and/or an audio recording of the product or service involved inthe transaction and incorporates such data or link/reference to suchdata into the dynamic receipt. In another non-limiting example, a mobiledevice with a biometric scanner can be used to scan the fingerprint orpalm print of the buyer/payer and/or merchant/payee and includes atleast a portion of such information in the dynamic receipt. In anothernon-limiting example, the mobile device can record certain informationassociated with the transaction in the dynamic receipt, wherein suchinformation includes but is not limited to, how quickly the buyer swipesthe card, the angle at which the card is swiped. In another non-limitingexample, special characteristics of the card being swiped, also referredto as the magnetic fingerprint of the card, can be recorded and includedin the dynamic receipt.

In some embodiments, the dynamic receipt can be in electronic form thatcan be accessed electronically or online and may also include link orreference pointing to multimedia information such as image, video oraudio that are relevant to the transaction.

In some embodiments, transaction engine 130 can use the environmentalinformation included in the dynamic receipt to assess risk associatedwith a transaction. For a non-limiting example, if the GPS informationindicates that the transaction is taking place in a high crime/high riskarea, the risk associated with the transaction is adjusted accordingly,and the buyer's bank may be notified accordingly. Alternatively,biometric information scanned and included in the dynamic receipt can beused for identity verification purposes to prevent identity theft andcredit fraud.

In some embodiments, transaction engine 130 can use the dynamic receiptcan be used as a non-intrusive way to communicate with the buyer and/orthe merchant. For a non-limiting example, the additional informationincluded in the dynamic receipt can be used to make offers to the buyer.If a dynamic receipt includes the GPS location of the point of sale ofthe transaction, coupons or other promotional offers made by vendors atnearby locations can be presented to the buyer when the buyer chooses toview the receipt electronically online. Alternatively, if a specificproduct involved the transaction can be identified by the transactionengine either directly through product description or indirectly byanalyzing pictures or videos taken, offers of similar or complementaryproducts can be made by a vendor to the merchant of the product.

In some embodiments, transaction engine 130 may notify buyer and/or themerchant of the receipt via an electronic message, which can be but isnot limited to, an email message, a Short Message Service (SMS) message,TWITTER®, or other forms of electronic communication. The recipient ofthe electronic message may then retrieve a complete itemized dynamicreceipt online at his/her convenience via a telephone number on his/herrecord in user database 140 to retrieve his/her electronic receiptsstored in transaction database 160. In some embodiments, the electronicmessage may include an indication such as a code that the recipient canuse to retrieve the electronic receipt online as an alternative or incombination with the telephone number.

FIG. 15 depicts a flowchart of an example of a process to supportfinancial transaction between a payer and a payee through a miniaturizedcard reader, which has length and height dimensions smaller than lengthof height dimensions of the associated mobile device, connected to amobile device. In the example of FIG. 15, the flowchart 1500 starts atblock 1502 where an amount of a financial transaction is providedthrough an interactive user application launched on the mobile device asshown in FIG. 16( a). The flowchart 1500 continues to block 1504 where aminiaturized card reader structured to minimize swipe error is connectedto the mobile device as shown in FIG. 16( b). The flowchart 1500continues to block 1506 where a card is swiped through the card readerto initiate the financial transaction as shown in FIG. 16( c). Theflowchart 1500 continues to block 1508 where the payer confirms theamount of the card-present transaction via a signature signed via theinteractive user application on the mobile device to complete thetransaction as shown in FIG. 16( d). Payments are made with the use ofthe payment system which is coupled to the mobile device 100 Note thatthe signature is required as an additional layer of confirmation for theprotection for the payer even when such signature may not be technicallyrequired to authorize the transaction. The flowchart 1500 continues toblock 1510 where result of the transaction is received and presented tothe payer and/or merchant as shown in FIG. 16( e) through the use of thepayment system. The flowchart 1500 ends at block 1512 where anelectronic receipt of the transaction is provided to the payer in theform of an electronic message as shown in FIG. 16( f).

In one embodiment, a longitudinal plane of the of the output jack 18lies within the plane that the card travels in the slot 14 within 5 mm,and in another embodiment within 3 mm.

Referring now to FIG. 17, in one embodiment of the present invention anintegrated read head system includes mobile device 212 with an audiojack 214 at least one microphone input port 216 and other ports,including but not limited to a USB port. A read head 218 is physicallycoupled to the mobile device 212. The read head 218 has a slot 220 forswiping a magnetic stripe of a financial transaction card to enable afinancial transaction between a buyer and seller with the paymentsystem. The read head 218 reads data on the magnetic stripe and producesa signal indicative of data stored on the magnetic stripe. The read head218 has an output jack 222 that physically connects the read head 218 toat least one of the audio jack 214 or microphone port 216 of the mobiledevice 212, the USB port and the like. The read head 218 provides thesignal to the mobile device 212. The signal is decoded at the mobiledevice 212. The decoding includes determining pulses in the signal andconverts at least some of the pulses to characters.

In another embodiment of the present invention, a method is provided forconducting a financial transaction with a financial transaction cardusing the integrated read head system 210.

In one embodiment of the present invention, as illustrated in FIG. 18, amethod of paying a second party (payee) is provided. In this embodiment,a first party (payer) views the names of one or more qualified secondparties. The qualified second parties are second parties that, (i) havean association with the payment service, and (ii) second parties that ifthey do not have an established association with the payment servicethen they have established one prior to payment. The first party has anassociation with the payment service. A tab is opened by the first partythat can be selected by the qualified second party at any geographiclocation of a first party's mobile device 100. The qualified secondparty is only able to charge a first party's financial account when thefirst party's mobile device 100 is within a defined geographic area. Thetab is a relationship between the first party, the payment service andthe qualified second party, The qualified second party can engage in afinancial transaction with the first party is within the definedgeographic area. The overall architecture of the payment system isillustrated in FIG. 19.

The first party's mobile device 100 is configured to communicate withthe payment service. The first party views the names of the one or morequalified second parties with the first party's mobile device 100. Thefirst party establishes the first party's financial account. The firstparty enters financial account information with a single initial entryto the payment service and additional entries of the financial accountinformation to the payment service are not required for future financialtransactions between the first party and any qualified second party whenthe same payment service is used.

The financial account is selected from at least one of, a bank account,credit card, debit card, pre-paid card, a second party financial accountand the like. The financial account is selected by the first party by atleast one of, use of a mobile device 100, from a bank terminal, doneon-line and the like. The first party's financial account can be afinancial transaction card, and the entering of the first party'sfinancial card information is with a mobile device 100. Entering of thefinancial card information can be done by, swiping the financialtransaction card through a slot of a card reader coupled to the mobiledevice 100, through a slot of the mobile device 100, by touch of thefinancial transaction card to the mobile device 100, by typing ininformation at the mobile device 100, with photos, by selecting a cardfrom an application on a mobile device 100, from an on-line entity andthe like. The mobile device 100 is a device as described above.

The qualified second party can see a list of first parties that have anassociation with the payment service. The qualified second party canview a list of first parties with open tabs. The list of first partiesseen by the qualified second party has first party identifyinginformation. The identifying information is anything that reliablyidentifies the first party and can include, but is not limited to,names, photos, cell number, social security number, e-mail address,other personal identifying information for a first party and the like.

In another embodiment, a method of paying a second party a first partyviews the names of one or more qualified second parties with a mobiledevice 100. Preferably, the mobile device 100 is the first party'smobile device 100. A tab is then opened by the first party as recitedabove that can be selected by the qualified second party at anygeographic location of the first party's mobile device 100, but thequalified second party is only able to charge a first party's financialtransaction card when the first party's mobile device 100 is within adefined geographic area In one embodiment, the mobile device 100 iscoupled to a card reader that includes an output jack adapted to beinserted at least one of the audio input port or microphone input port,USB port and the like of the mobile device 100 and delivers a signal tothe mobile device 100. In various embodiments, the sampling rate of thesignal at the audio input port or a line input port of the mobile device100 is at least 15 kHz, 20 kHz. 30 kHz, 40 kHz and the like.

Entering of the financial card information can be achieved by a varietyof methods including but not limited to, swiping the financialtransaction card through a slot of a card reader coupled to the mobiledevice 100, through a slot of the mobile device 100, with a touch of thefinancial transaction card to the mobile device 100, typing ininformation at the mobile device 100, with photos, selecting a card froman application on a mobile device 100 and from an on-line entity and thelike.

A confirmation of payment can be made to the first party in response toa transfer of funds from the financial transaction card. In variousembodiments, the financial transaction card is selected from at leastone of, credit financial transaction card, debit financial transactioncard, gift financial transaction card, fund transfer financialtransaction card, other types of payment authenticating piece capable ofcarrying out a transfer of funds and the like, as set forth above.

In another embodiment of the present invention, illustrated in FIG. 20,a method is provided of conducing on-line purchases using a mobiledevice 100. A first party visits a second party on-line entity. Thefirst party accesses a second party on-line entity. The first party isalready registered with the payment service or becomes registered priorto the conclusion of completing a transaction. The mobile device 100 isconfigured to communicate with the payment service. The first partyconsiders conducting a transaction with the second party on-line entity.The second party on-line entity is registered with the payment service,or in response to the first party's desire to transact with the secondparty on-line entity, the second party on-line entity becomes registeredwith the payment service. The first party enters personal identifyinginformation that is sent to the payment service. In response, the firstparty receives a push notification to the first party's mobile device100 that enables the first party to complete the transaction with thesecond party on-line entity.

In various embodiments, the first party's personal identifyinginformation is entered by at least one of, use of a mobile device 100,from a bank terminal, done on-line and the like. For the transaction,the first party uses the first party's financial account. The firstparty enters financial account as recited above, which does not requirere-entry with the payment service for future transactions with secondparties that are also registered with the payment service.

In one embodiment, the first party uses the first party's financialtransaction card for the transaction where the card information isentered to the payment service as recited above. Additionally, the firstparty enters its personal identifying information with the paymentservice only once as recited above and need not re-enter for secondparty transactions.

In various embodiments, the on-line entity is any second party that cantransact business with the payment service including but not limited to,merchants, peers and the like.

In one specific embodiment, the first party enters its personalidentifying information that is sent to the payment service using thefirst party's mobile device 100. In this embodiment, the first party canuse a first party financial card to complete the transaction. The firstparty's mobile device 100 is coupled to a card reader that includes anoutput jack adapted to be inserted at least one of the audio input portor microphone input port, USB port and the like, of the mobile device100 and delivers a signal to the mobile device 100.

In another embodiment of the present invention, illustrated in FIG. 21,a method is provided for transferring funds to and/or from the firstparty's financial account. The first party's financial accountinformation is entered with a single initial entry to the paymentservice. Funds are transferred to and/or from the first party'sfinancial account using the payment service. The funds can betransferred to the first party, or to second parties. The first party'sfinancial account, including but not limited to a financial transactioncard can be the destination of the funds. A simple swipe of the firstparty's financial transaction card can make the financial transactioncard a funding source. The first party is either registered with thepayment service, or becomes registered prior to the transfer of funds toand/or from the financial account using the payment service. For futureuses of the first party's financial account, to transfer funds to and/orfrom the first party's financial account, the first party's financialaccount information need not be re-entered again with the paymentservice.

In another embodiment, funds are transferred from the first party'sfinancial account to a second party using the payment service.

In one embodiment, the second party is already registered with thepayment service or becomes registered with the payment service prior tothe transfer of funds from the first party. In another embodiment, thesecond party is not registered with the payment service.

In one specific embodiment, funds are transferred to and/or from thefirst party's financial account using the payment service, e.g., to thefirst party or to a second party, where the financial account is a bankaccount, credit card, debit card, pre-paid card, a third party fundingsource and the like.

In another embodiment, the first party's financial card is entered witha single initial entry to the payment service using a mobile device 100.Again, for future uses of the first party's financial transaction cardto transfer funds using the payment service to a second party, the firstparty's financial transaction card information need not be enteredagain.

Again, the entering of the financial card information to the paymentservice can be achieved by, swiping the financial transaction cardthrough a slot of a card reader coupled to the mobile device 100,through a slot of the mobile device 100, with a touch of the financialtransaction card to the mobile device 100, typing in information at themobile device 100, with photos, selecting a card from an application ona mobile device 100, from an on-line entity and the like.

In another embodiment of the present invention, a method of conducting afinancial transaction includes the first party's financial accountinformation being entered once, e.g., with a single initial entry to thepayment service. For future uses of the first party's financial accountto transfer funds using the payment service to a second party, the firstparty's financial account information need not be entered again with thepayment service. The second party's personal identifying information isentered. Funds are transferred from the first party's financial accountto an account of the second party with the use of the payment service.

In another embodiment, the first party's financial transaction cardinformation is entered with a single initial entry to the paymentservice. Again, for future uses of the first party's financialtransaction card to transfer funds using the payment service to a secondparty, the first party's financial account information need not beentered again with the payment service. The second party's personalidentifying information is entered and funds are transferred from thefirst party's financial account to an account of the second party withthe use of the payment service.

In various embodiments, (i) the second party has an association with thepayment system, (ii) the first party and the second party each have anassociation with the payment system, (iii) the first party has anassociation with the payment system but the second party does not.

In one embodiment, the first party uses a send money mode of the firstparty's mobile device 100. In various embodiments, the second party is(i) anybody on the first party's phone list, (ii) not on the firstparty's phone list but is added to the first party's phone list inresponse to a transaction, (iii) the second party has an associationwith a payment system or is a database of the payment system, (iv) thesecond party does not have an association but then has one in responseto a text message or equivalent sent to the second party, and the like.In response to the text message, the second party either accepts orrejects.

In another embodiment, the first party's financial transaction cardinformation is entered with a single initial entry to the paymentservice. Again, for future uses of the first party's financialtransaction card information to transfer funds using the payment serviceto a second party, the first party's financial account information neednot be entered again with the payment service. The second party's mobiledevice 100 number is entered in the first party's mobile device 100. Inresponse, funds are transferred from the first party to an account ofthe second party.

In one embodiment of the present invention, the read head 310 readstrack 1 of the financial transaction card. Track 1 is 210 bytes per inchand is more difficult to decode than track 2. In one embodiment ofreading track 1, the signal is interpreted and transferred at a constantrate 2400 baud.

In another embodiment, the read head 310 is configured to be positionedto provide for rotation of up to 10 degrees while still registering on atrack to be read. The location of the read head 310 relative to themobile device 312, and the microphone port of the mobile device 312 areoff set from a center of track 1 in order to bias it to a bottom oftrack 1. As a non-limiting example, the offset can be 0.05 inches in thedirection x and 0.040 inches in the y direction.

In another embodiment, illustrated in FIG. 22, a spring member 314 isattached to the read head 310 that provides for increased accuracy andread head 310 adjustment by creating less friction on the financialtransaction card. The spring member 314 can be softer and be a one leafdesign retained on only one side. The spring member 314 can be acantilever spring member 314 with a pre-load onto an opposing wall on aback bone at an angle of about 3-7 degrees to ensure that the read head310 is substantially perpendicular to the magnetic strip when thefinancial transaction card is read. The spring member 314 can be part ofa sub-assembly 316 that is coupled to a PCB 318 at one end and coupledto the back bone 320.

In one embodiment, the mobile device 312 provides encryption andauthentication. In this embodiment, each card reader 322 can have aunique key that can be included in the microprocessor 324 of the PCB318. The financial transaction card is swiped and the signalinterpreted. The microprocessor 324 than encrypts the data using a HWIDand counter. The signal is encrypted when received at the mobile device312 with an ID and counter. The signal sent to the back end 326 of thepayment system where the identification of the read head 310 isdetermined and the signal is decrypted.

At the back end 326, the payment system can use HWID and decode theencrypted signal from the mobile device 312 using a hard functiondecodes. Using HWID, encrypted hash function decode, the complete CCwith CRC is reconstructed which is then sent to a payment gateway 328 asillustrated in FIG. 23. An acknowledgement of a good or bad transactionis then sent back to the mobile device 312.

As illustrated in FIG. 24, the output from a read of the track goes toan amplifier, differentiator, into a comparator and then into amicrocontroller. The output to the comparator is analog, and digitalinto the microcontroller and into the mobile device 312.

Several fields of cardholder information are sent to the server at theback end 326 in either an encrypted or authenticated format. In oneembodiment, the protocol has several fields: length of message, counter,hardware id, authenticated message length, issue type, last 4 digits ofthe financial transaction card, cardholder name, PAN number, expirationdate, service code, and an authentication tag.

Referring to FIG. 25, in various embodiments, the card reader 322accepts a raw signal from the read head 310 and processes the financialtransaction card read on the fly. A CRC check is performed. The buyer'sname, type of financial transaction card from the ABA table, and thelast four numbers of the financial transaction card are in an encryptedpacket forwarded to the mobile device 312. In one embodiment part of theCC that are encrypted and parts are authenticated. In one specificembodiment, a 2400 baud 8-N-1 serial protocol is used in the packet sentto the mobile de vice. The mobile device 312 interprets the 2400 baudserial transmission and sends an encrypted packed with other financialtransaction card information to the backend 326 of the payment system.

Referring to FIG. 26, in one embodiment, the slot of the read head 310has directionality. In one embodiment, the slot has a wider entrancetrack and the read head 310 is biased in one direction. These enables auser to rock the financial transaction card through the slot more in onedirection that in the other. In one embodiment, the slot can have awider entrance track and the read head 310 is biased in one direction.These enables a user to rock the financial transaction card through theslot more in one direction that in the other.

The read head 310 can include a power source 330 as illustrated in FIG.27. The power source 330 can be a battery coupled to the microprocessor324. In another embodiment, power to the read head 310 is provided bythe mobile device 312. In one embodiment, wake-up detection is providedand the power source 330 is in a sleep mode until a swipe of atransaction card is initiated.

In one embodiment, the read head 310 is a four piece plastic mold. Thespring member 314 can be soldered onto the PCB 318 to form thesub-assembly 316.

As a non-limiting example, the read head housing 330 can be heat-stakedonto the back side of the backbone 320. The battery 330 can be attachedto the front side of the backbone 320 with PSA. With the front cover, itcan be attached to the backbone 320 using ultrasonic welding. A TRSconnector can be placed onto the back bone and the connection solderedto the PCB 318. The back cover can be attached to the backbone 320 tocomplete the assembly.

In various embodiments, the card reader 322 is coupled to various portsof the mobile device 312, including but not limited to the microphoneport, the USB port, accessory port.

In another embodiment, the card reader is coupled to other ports of themobile device 100, including but not limited to the USB port, accessoryport and the like.

In one embodiment of the present invention, a method is provided ofconducting a financial transaction with reduced likelihood of fraud. Afinancial transaction is entered into using a first party's financialtransaction instrument to transfer funds. The first party's financialtransaction instrument information is sent externally to the mobiledevice 100. The financial transaction instrument information is sentfrom the financial transaction instrument such as a mobile device 100 toa payment system. A determination is made to see if there is fraudulentuse of the financial transaction instrument 100 prior to completion ofthe financial transaction. The mobile device 100 can be a merchant'smobile device 100. The determination of fraudulent use can be madeeither at the mobile device 100 or the payment system. In oneembodiment, the first party's financial transaction instrumentinformation is only sent once to the mobile device 100 and need not bedone again for future purposes.

The financial transaction instrument 100 is selected from at least oneof those listed above, as well as a person's financial account and thelike.

In one embodiment, a location identifier is received from aposition-sensing device indicating a location where the request issubmitted or information that can lead to identification of the locationwhere the request is submitted. The position-sensing device can beselected from a group of eligible devices. Information identifying theselected position-sensing device can be received by the requestprocessor in advance of the request processor receiving the submittedrequest; and determining whether to service the request based at leastin part on the received location identifier or information. Thesubmission device can be embodied in an apparatus separate from anapparatus housing the position-sensing device. The submission device andthe position-sensing device can be integrated in the mobile device 100.

In another embodiment, the first party's financial account informationis entered using the first party's mobile device 100 with a singleinitial entry to a payment service. Funds are transferred to and/or fromthe first party's financial account using the payment service. The firstparty is registered with the payment service, or becomes registeredprior to transferring funds to and/or from the financial account usingthe payment service. For future uses of the first party's financialaccount to transfer funds to and/or from the first party's financialaccount, the first party's financial account information need not beentered again with the payment service. In response to, (i) entering thefirst party's financial account information or (ii) using the firstparty's mobile device 100 for a financial transaction following thesingle initial entry to the payment service, a determination is made tosee if a fraudulent attempt or fraudulent use of the first party'sfinancial account information is committed.

In another embodiment, the first party's financial account informationis entered using the first party's mobile device 100 with a singleinitial entry to a payment service. Funds are transferred from the firstparty's financial account to a second party using the payment service.The first party is either registered with the payment service, orbecomes registered prior to transferring funds to and/or from the firstparty's financial account using the payment service. For future uses ofthe first party's financial account to transfer funds to and/or from thefirst party's financial account, the first party's financial accountinformation need not be entered again with the payment service. Inresponse to, (i) entering the first party's financial accountinformation or (ii) using the first party's mobile device 100 for afinancial transaction following the single initial entry to the paymentservice, a determination is made to see if a fraudulent attempt orfraudulent use of the first party's financial account information iscommitted.

In another embodiment, the first party's financial account informationis entered using the first party's mobile device 100 with a singleinitial entry to the payment service. The first party's financialaccount is selected from at least one of, a bank account, credit card,debit card, pre-paid card and a third party funding source. Funds aretransferred to and/or from the first party's financial account using thepayment service. The first party is either registered with the paymentservice, or becomes registered prior to transferring funds to and/orfrom the financial account using the payment service. For future uses ofthe first party's financial account to transfer funds to and/or from thefirst party's financial account, the first party's financial accountinformation need not be entered again with the payment service. Inresponse to, (i) entering the first party's financial accountinformation or (ii) using the first party's mobile device 100 for afinancial transaction following the single initial entry to the paymentservice, a determination is made to see if a fraudulent attempt orfraudulent use of the first party's financial account information iscommitted.

In another embodiment, a first party's financial account information isentered using the first party's mobile device 100 with a single initialentry to a payment service. The first party's financial account isselected from at least one of, a bank account, credit card, debit card,pre-paid card and a third party funding source. Funds are transferredfrom the first party's financial account to a second party using thepayment service. The first party is registered with the payment service,or becomes registered prior to transferring funds to and/or from thefirst party's financial account using the payment service. For futureuses of the first party's financial account to transfer funds to and/orfrom the first party's financial account, the first party's financialinformation need not be entered again with the payment service. Inresponse to, (i) entering the first party's financial accountinformation or (ii) using the first party's mobile device 100 for afinancial transaction following the single initial entry to the paymentservice, a determination is made to see if a fraudulent attempt orfraudulent use of the first party's financial account information iscommitted.

In another embodiment, a first party's financial transaction cardinformation is entered using the first party's mobile device 100 with asingle initial entry to a payment service. For future uses of the firstparty's financial transaction card to transfer funds to and/or from thefirst party's financial transaction card, the first party's financialtransaction card information need not be entered again with the paymentservice. In response to, (i) entering the first party's financialtransaction card information or (ii) using the first party's mobiledevice 100 for a financial transaction following the single initialentry to the payment service, a determination is made to see if afraudulent attempt or fraudulent use of the first party's financialaccount information is committed.

In another embodiment, a first party's financial transaction cardinformation is entered using the first party's mobile device 100 with asingle initial entry to a payment service. Funds are transferred fromthe first party's financial transaction card to a second party using thepayment service. The first party is registered with the payment service,or becomes registered prior to transferring funds to and/or from thefirst party's financial transaction card using the payment service. Forfuture uses of the first party's financial transaction card to transferfunds to and/or from the first party's financial transaction card, thefirst party's financial transaction card information need not be enteredagain with the payment service the first party's financial. In responseto, (i) entering the first party's financial transaction cardinformation or (ii) using the first party's mobile device 100 for afinancial transaction following the single initial entry to the paymentservice, a determination is made to see if a fraudulent attempt orfraudulent use of the first party's financial account information iscommitted.

In another embodiment, a first party accesses names of one or morequalified second parties. The qualified second parties are defined assecond parties having an association with the payment service, andsecond parties that if they do not have an established association withthe payment service, have an established association with the paymentservice prior to payment. The first party has an association with thepayment service. A tab is opened by the first party that can be selectedby the qualified second party at any geographic location of a firstparty's mobile device 100. The qualified second party is only able tocharge a first party's financial account when the first party's mobiledevice 100 is within a defined geographic area. The tab is arelationship between the first party, the payment service and thequalified second party. The qualified second party can engage in afinancial transaction with the first party when the first party iswithin the defined geographic area. In response to the second party, (i)attempting to charge the first party or (ii) charging the first party, adetermination is made to see if a fraudulent attempt or fraudulent useof the first party's financial account is committed.

In another embodiment, names of one or more qualified second parties areaccessing by the first party with the first party's mobile device 100.The second parties have an association with the payment service, or ifnot have one prior to payment. The first party has an association withthe payment service. A tab is opened by the first party that can beselected by the qualified second party at any geographic location of thefirst party's mobile device 100. The qualified second party is only ableto charge a first party's financial transaction card when the firstparty's mobile device 100 is within a defined geographic area. Thequalified second party can engage in a financial transaction with thefirst party when the first party is within the defined geographic area.In response to the use of the first party's mobile device 100 to pay thesecond party, a determination is made to see if a fraudulent attempt orfraudulent use of the first party's financial transaction card iscommitted.

In another embodiment, a first party accesses a second party on-lineentity. The mobile device 100 is configured to communicate with thepayment service. The first party considers conducting a transaction withthe second party on-line entity. The second party on-line entity isregistered with the payment service or in response to the first party'sdesire to transact with the second party on-line entity, the secondparty on-line entity becomes registered with the payment service. Thefirst party enters personal identifying information that is sent to thepayment service. The first party receives a push notification to thefirst party's mobile device 100 that enables the first party to completethe transaction with the second party on-line entity. In response to thefirst party receiving the push notification to the first party's mobiledevice 100, a determination is made to see if a fraudulent attempt orfraudulent use of the first party's financial transaction card iscommitted.

In another embodiment, a first party visits a second party on-lineentity. The first party considers conducting a transaction with thesecond party on-line entity. The first party enters personal identifyinginformation using the first party's mobile device 312 and this is sentto the payment service. The first party receives a push notification ofthe first party's mobile device 312 that enables the first party tocomplete the transaction with the second party on-line entity. Inresponse to the first party receiving the push notification to the firstparty's mobile device 312, a determination is made to see if afraudulent attempt or fraudulent use of the first party's financialtransaction card is committed.

Referring now to FIG. 28, a mobile device 412 can include a positionsensor 416. In this embodiment, the mobile device receives financialtransaction card information by any of the methods listed above. Thefinancial transaction card information is sent from the mobile device toa payment system for processing. The mobile device 412 can be capable oftransmitting position information to the payment system and can includea position sensor 416 configured to detect a position of the mobiledevice and send this position information to the payment processingsystem via a variety of methods including but not limited to wirelessand the like. Mobile device 412 can send the financial card transactioninformation substantially simultaneously and position information topayment system. Payment system 414 can includes an associated databaseof permissible and/or impermissible use areas for a particular user'smobile device 412.

Payment system 414 can be configured to check position information ofthe mobile device 412 against the permissible and/or impermissible useareas for each user, and thereby determine if the device is being usedin an impermissible use area for the user. If so, the payment system 414is configured to indicate that a possibility of fraud exists in thepending transaction. If the possibility of fraud is detected, the systemmay be configured to take an action, such as preventing fulfillment ofthe transaction due to the possibility of fraud.

The payment system 414 can be as described above and can include aconventional computing system with storage medium having programminginstructions designed to implement the present invention, and one ormore processors to execute the programming instructions.

In one embodiment, when a financial transaction cardholder is issued afinancial transaction card, the cardholder may be asked to give thegeographic location of their home and office, as well as any otherlocations that the cardholder frequently place on-line orders and usethe credit card. This information may be obtained during the applicationprocess or on an ongoing basis. The information may be entered into adatabase.

Thus, when a financial transaction is conducted using a mobile device412 current location information can be provided to the payment system414 where a check can be performed for whether the financial transactionis being conducted from a permissible location. If the financialtransaction is not being conducted from a permissible location, thefinancial transaction may be rejected. Additionally, a warning in theform of a message and/or a call may be provided to the financialtransaction cardholder.

Referring to FIG. 29, in another embodiment, a card reader 416, whichcan be any of the card readers described herein, can include a positionsensor 416. In a financial transaction, the position of the card reader416 is determined when a financial transaction is entered into, whereinfinancial card transaction information can be sent to the mobile device412, and then sent to payment system 414.

The payment processing system 414 can detect the position of the cardreader 418 and therefore, the position of the payment device in apayment device-present transaction.

In another embodiment, a position sensing device 420 can be included.The position-sensing device 420 can be configured to send positioninformation to a position tracking system 422. The communication linkbetween position tracking system 422 and position-sensing device 420 maybe a satellite link such as used in a global positioning satellitesystem, radio frequency link, optical link such as infrared, orvirtually any other communication link suitable for use in positiondetection.

As shown in FIG. 30, a security device-present transaction system 424can be utilized and can utilize location indicators, alone or incombination with other parameters, to determine the security clearancefor access to a particular secured location. Security device-presenttransaction system 424 can include a security device 426 configured tobe read by a security device reader 428. Security device 426 may be acard or badge encoded with security information, such as an access code,a mobile device, a card reader and the like, configured to transmitsecurity information to security device reader 424 via an infrared orother communication link. Further, the security device may be any otherdevice capable of providing the appropriate security and positioninformation to security device reader 424. In particular, securitydevice 426 may include a position sensor 416, configured to transmitinformation about its relative geographical location.

Security access control system 430 is further configured to detect thelocation or position of security device 426 and/or security reader 428by the position information received from position sensor 416.Alternatively, the security access control system 430 can be configuredto detect the position of the security device reader (and therefore theposition of the security device in a device-present transaction), byresolving a security identifier using a database of known securityidentifier locations. For example, the security identifier 1234567 maycorrespond to a gated entrance to a secured building.

In order to detect an improper use of security device 426, securityaccess control system 430 is configured to compare the position ofposition-sensing device 416 the location or position of a currenttransaction involving security device 426 (i.e., the location orposition of security device 426 and/or security device reader 428). Ifthe locations of the position-sensing device 416 and the security device426 are different, or alternatively, if the locations ofposition-sensing device 416 and security reader 428 are different, thenthe security access control system is configured to determine that thereis a possibility of improper use of the security device in the currenttransaction.

Upon determining the possibility of improper use, the system 430 isconfigured to take a designated action, such as warning a securityattendant and/or by automatically locking an entrance to a secured area.

The security control system may be implemented with conventionalcomputing system with storage medium having programming instructionsdesigned to implement the present invention, and one or more processorsto execute the programming instructions.

In one embodiment of the present invention, illustrated in FIGS. 16( b)16(c), 31 and 32, a card reader, generally denoted as 510, is providedthat includes a housing 512 and a read head 514 positioned therein. Theread head 514 is configured to be coupled to a mobile device 516 andincludes a slot 518 for swiping a magnetic stripe of a card 520. In oneembodiment, the card reader 510 with the slot 518 is utilized for atransaction between a buyer and seller. The read head 514 reads data onthe magnetic stripe and produces a raw magnetic signal indicative ofdata stored on the magnetic stripe.

Referring now to FIGS. 33 and 34, device electronics 522 are providedthat include an analog to digital front-end 524 and a microcontroller526. The analog to digital front end 524 is coupled to a processingelement 528 in the microcontroller 526. The analog to digital front end524 receives a raw magnetic head signal from the magnetic head 525, FIG.35, and converts it into a processed digital signal that themicrocontroller 526 can interpret, with the microcontroller 526producing a signal. An output jack 530 of the card reader 510 is adaptedto be inserted in a port of the mobile device 516 and deliver an outputjack signal to the mobile device 516.

The microcontroller 526 is configured to convert raw bit patterns intoformatted credit card 520 information. The microcontroller 526 canindependently determine if the card data is valid. The card reader 510can accept motion of the card 520 bi-directionally at either end of theslot 518 and at varying velocities as it is swiped through the slot 518.In one embodiment, the mobile device 516 detects the card reader 510 asa microphone.

In various embodiments, the output jack signal is an encrypted outputjack signal, and encrypted and signed output jack signal and the like.The signal from the microcontroller 526 can be the output jack signal.The output jack signal can be a synchronous Manchester encoded stream,an asynchronized stream and the like. In one embodiment, the output jacksignal is at a frequency that the output jack signal appears to look ACto a microphone input of the mobile device 516. In one embodiment, afrequency of the output jack signal is 2 KHz to 48 kHz, and in anotherit is 2.4 kHz. The output jack signal can be a low-amplitude analogwaveform.

In one embodiment, the read head 514 sends the output jack signal to themobile device 516 at a constant baud rate. As a non-limiting example,the constant baud rate is 2400 to 9200 baud.

In one embodiment, the microcontroller 526 has a non-volatile memorywith a size of 2-8 Kbytes, and RAM with a size 128-512 bytes. In anembodiment, the analog to digital front end 524 is configured to capturecard 520 readings that are swept at a rate of 5 inches to 50 inches persecond.

In one embodiment, the analog to digital front end 524 includes, anamplifier or amplifier/filter, (collectively 532) (FIG. 36),differentiator 534 (FIG. 37), a comparator 536 (FIG. 38) and can includehave wake-up electronics 538 (FIG. 39) which can be a wake-up circuit. Apower source 540 (FIGS. 40 and 41), including but not limited to abattery, can be coupled to the wake-up electronics 538. The wake-upelectronics 538 signals the microcontroller 526, which in turn puts thedevice electronics 522 into an active mode from a sleep mode and backinto the sleep mode when a card 520 swipe signal stops. The wake-upelectronics 538 is powered down by the microcontroller 526 when thedevice electronics 522 is in the active mode. In various embodiments thewake-up electronics 538, (i) utilize an op-amp, (ii) utilize an op-amp,a discrete transistor, and associated passive components and the like.Portions of the analog circuitry can be powered-down to conserve powerwhen not in use, and automatically powered-up when the beginning of acard 520 swipe is detected.

In one embodiment, the wake-up electronics 538 are powered by amicrophone bias of a mobile device 516. In another embodiment, themicrophone-bias line is used both for power and for data transmissionback to the mobile device 516.

The wake-up electronics 538 detects when there is an edge from leadingzeros of a card 520 being swiped and alerts to wake up themicrocontroller 526 and device electronics 522. The device electronics522 wakes up in enough time to process and encrypt a card 520 swipesignal.

The device electronics 522 can include the amplifier/filter 532,differentiator 534, comparator 536, transmission electronics 542 (FIG.42), the microcontroller 526 and optionally the wake-up electronics 538.

The raw magnetic head signal is amplified by the amplifier/filter 532and processed before the microcontroller 526 accepts it as an input. Thedifferentiator 534 takes the output of the amplifier/filter 532 anddifferentiates it, looking for peaks in the input signal. The comparator536 takes the output of the differentiator 534 and compares it to areference voltage and produces an output that is a processed digitalversion of a magnetic swipe. The comparator 536 looks for where an inputsignal crosses zero. The microcontroller 526 accepts the comparator 536inputs, processes the comparator 536 inputs and encrypts at least aportion of data of the comparator 536 input. The microcontroller 526controls power to the amplifier/filter 532, differentiator 534 and thecomparator 536. The comparator 536 can be included as part of themicrocontroller 526. The transmission electronics 542 accepts outputdata of the microcontroller 526 as an input and uses this to modulate amicrophone-bias line of the mobile device 516.

In another embodiment, a method is provided of transmitting informationto a mobile device 516 using the card reader 510. In this embodiment,the raw magnetic head signal is received at the analog to digital frontend 524 and converted into a processed digital signal that themicrocontroller 526 can interpret. The output jack signal is thereafterdelivered to the mobile device 516.

In another embodiment, the card reader 510 includes a housing 512. Theread head 514 is positioned in the housing 512 and is configured to becoupled to the mobile device 516. In this embodiment, the power supplyis coupled to the wake-up electronics 538 and the microcontroller 526.The output jack 530 is adapted to be inserted in a port of the mobiledevice 516 and deliver the output jack signal to the mobile device 516.The wake-up electronics 538 is powered by a microphone bias of a mobiledevice 516.

In another embodiment, a method is provided of transmitting informationto a mobile device 516. The read head 514 includes the power supplycoupled to wake-up electronics 538 and the microcontroller 526. Thewake-up electronics 538 is powered by a microphone bias of the mobiledevice 516.

In another embodiment, the card reader 510 includes a housing 512, aread head 514 positioned in the housing 512, the power supply coupled towake-up electronics 538 and the microcontroller 526 and the output jack530 adapted to be inserted in a port of the mobile device 516 anddeliver an output jack signal to the mobile device 516.

In another embodiment, a method is of transmitting information to amobile device 516. A card reader 510 is provided with a read head 514that has a slot 518 for swiping a magnetic stripe of a card 520, a powersupply, the card reader 510 including wake-up electronics 538 and amicrocontroller 526, and a power supply coupled to the wake-upelectronics 538 and the microcontroller 526. Data is read from themagnetic stripe. A raw magnetic signal is produced indicative of datastored on the magnetic stripe. The raw magnetic head signal is convertedinto a processed digital signal that the microcontroller 526 interprets.An output jack signal is thereafter sent to the mobile device 516.

In another embodiment of the present invention, illustrated in FIG. 42,a card reader 510 is provided with the housing 512 and the read head 514positioned in the housing 512. The read head 514 includes the slot 518.The read head 514 is positioned, and configured, to accommodate rockingof a card 520 while being swept in the slot 518, and produce asuccessful read of the magnetic stripe of the card 520. In oneembodiment, he rocking is in an amount of 1 to 10 degrees of rotationfrom the bottom surface of the card away to the bottom surface of theslot.

In various embodiments, the rocking can be, 2 to 10 degrees of rotation,3 to 10 degrees of rotation, 4 to 10 degrees of rotation and the like.

The rotation can be in a direction of a plane of the card 520.Accommodation of rocking enables a bottom of the card 520 to be moved ina direction away from a bottom of the slot 518 while the card 520 isslid through the slot 518 (FIG. 44). In one embodiment, the read head514 has a side where the output jack 530 extends with a width of no morethan 5 mm.

In one embodiment, the slot 518 is configured to provide fordirectionality of card 520 swipe directions (FIG. 31). This can beachieved by, the slot 518 having a wider entrance track at one end toreceive a card 520, providing direction indicia on the housing 512, andthe like.

As illustrated in FIG. 44, in one embodiment, the read head 514 isbiased in a direction to one edge of a magnetic track of the card 520when the card is in the slot 518. The read head 514 can be biased to oneedge of a magnetic track of the card 520 and to one side of the cardslot 518. The result of this is that a card in the slot can be rotatedmore on one side of the card slot.

In another embodiment, a method is provided of transmitting informationto a mobile device 516 with a small reader 510. The card reader 510 haslength and height dimensions that are less than length or heightdimensions of a coupled mobile device 516 (FIG. 16( b)). A card 520 isslid in the slot 518, data is read from the magnetic stripe, a rawmagnetic signal indicative of data stored on the magnetic stripe isproduced, and the raw magnetic head signal is processed into a processeddigital signal that the microcontroller 526 can interpret. Rocking ofthe card 520 in the slot 518 is accommodated with a successful read ofthe magnetic stripe of the card 520. The rocking is in an amount of 1 to10 degrees of rotation of a bottom surface of the card 520 away from abottom surface of the slot 518. An output jack signal is thereafter sentto the mobile device 516.

Referring now to FIG. 45, in another embodiment of the presentinvention, a card reader 510 includes a housing 512 with length, heightand width dimensions. A read head 514 is positioned in the housing 512.The read head 514 is configured to be coupled to a mobile device 516.The read head 514 has a slot 518 for swiping a magnetic stripe of a card520. The read head 514 reads data on the magnetic stripe and produces asignal indicative of data stored on the magnetic stripe. An asymmetricspring 544 is coupled to the read head 514. The asymmetric spring 514positions the read head 514 to be offset in the housing 512, with thehousing length and height edges being non-symmetrical in respect to thelength and height edges of the read head 514. An output jack 530 isadapted to be inserted in a port of the mobile device and deliver anoutput jack signal to the mobile device.

The asymmetric spring 544 can be a cantilever with a pre-load onto anopposing wall on a back bone to provide that the read head 514 issubstantially perpendicular to the magnetic strip of the card 520 whenthe card 520 is read by the read head 514. The asymmetric spring 544 canbe configured to provide read head 514 positional adjustment when a card520 is in the card reader slot 518. Accommodation of rocking enables acard 520 to be moved in a direction away from a bottom of the slot 518while the card 520 is slid through the slot 518. The asymmetric spring544 can be attached at a single point to a side of the housing 512.

In one embodiment, the asymmetric spring 544 angles the read head 514 tocreate an angled read head 514. This provides that when a card 520 isinserted in the slot 518 the read head 514 is parallel to the card 520.The angled head is substantially parallel with a card 520 as it isswiped through the slot 518.

As illustrated in FIG. 44, the asymmetric spring 544 shifts the readhead 514 off center relative to the housing 512. In various embodiments,offsetting of the read head 514, (i) increases successful card 520readings when the card 520 is rotated about a corner of a bottom of theslot 518; (ii) allows the card 520 to be rotated at a greater anglewhile still keeping the read head's active area on the magnetic track ofthe card 520; (iii) allows for more card 520 rotation by the user as thecard 520 is swept through the slot 518; and the like.

In one embodiment, the read head 514 is shifted up with respect to acenter line of the magnetic track. The card 520 can be rotated fartheroff a bottom of the slot 518 before a read head active area is no longeron the magnetic track of the card 520. In various embodiments, the readhead 514 is configured to be positioned to, (i) be offset from a centerof track 1 or track 2 of the card 520; provide up to 10 degrees ofrotation and still register on track 1 or track 2 of the card 520, andthe like.

As shown in FIG. 44, in one embodiment, the read head 514 is positionedaway from the center point of the housing 512. The read head 514 isoffset from track 1 of the card 520 when the card 520 is positioned inthe slot 518 and is in contact with a bottom of the slot 518. Offsettinghe read head 514 from track 1 of a card 520 is used to bias the slot 518to a bottom of track 1 of the card 520. When the read head 514 is offsetthe user is provided with a flexibility to move the card 520 in adirection away from a bottom of the slot 518 as the card 520 is slid.

By offsetting, the housing 512 has a bottom surface that is adjacent tothe mobile device 516, and the read head 514 is positioned in thehousing 512 to be non-parallel to the bottom surface and the associatedsurface of the mobile device 516. Offsetting provides a higher successrate of swipes achieved with rotation of the card 520 in the slot 518.

In one embodiment, the device electronics receives a raw signal from theread head 514 and converts it into a process digital signal that themicrocontroller 526 can interpret. The microcontroller 526 hasassociated logic resources and code that receives a digital signal fromthe device electronics 522 and creates an encrypted and signed messagebased on the contents of the signal. The output jack 530 delivers anencrypted and signed output jack signal to the mobile device 516, withat least a portion of the output jack signal being encrypted. Themessage created can contain both encrypted and non-encrypted data, and asignature that can be used to verify that the data has not beenmodified.

In one embodiment, the microcontroller code uses a block cipher forencryption and signing. In one embodiment, he microcontroller uses theCCFB+H cipher mode for encryption and signing. Some embodiments of theencryption logic are described in Two-Pass Authenticated EncryptionFaster than Generic Composition, S. Lucks, University of Mannheim,Germany; http://th/informatic-uni-mannheim/de/people/lucks/.; andComparing Block Cipher Modes of Operation on MICAz Sensor Nodes, G.Bauer et al., Institute for Applied Information Processing andCommunications, Gran University of Technology, both fully incorporatedherein by reference.

The microcontroller code can include a unique identifier andcryptographic key. The code can inspect itself to see if it, itscryptographic key, or its identifier has been modified. In oneembodiment, the code includes countermeasures to detect tampering andattacks on the card reader.

In one embodiment, the card reader 514 disables itself when modificationor tampering is detected. In one embodiment, the code is no more than 8kilobytes in size.

The cryptographic key can be expanded before programming, and themicrocontroller code does not include or require key expansionfunctionality. The microcontroller can be configured to recalculate thebit period in real time to capture variable-speed swipes. In oneembodiment, the microcontroller is configured to parse and error-checkcard data. Additionally, the microcontroller can be configured to runperiodic checksums on code and memory.

In one embodiment, the microcontroller uses thresholds to filter outerroneous data and/or false edges. The microcontroller can be configuredto determine 1's and 0's by checking the frequency of polarity changeswithin a bit period.

In one embodiment, the microcontroller 526 is configured to produce asynchronous Manchester encoded stream that makes a greater number of 0crossings. The output jack 530 is adapted to be inserted in a port ofthe mobile device 516 and deliver a Manchester encoded stream via theoutput jack 530 to the mobile device 516.

The number of 0 crossings is sufficient to simulate a signal with asufficiently high frequency so that the mobile device's active filterdoes not cut off the output jack signal. AC coupling/filtering can beapplied to the output jack signal.

Referring to FIG. 46, in another embodiment a method of reconstructing apacket that includes financial card information from a mobile deviceuses a card reader 510 with a read head 514 and a slot 518 for swiping amagnetic stripe of a card 520. Device electronics 522 includes amicrocontroller 526 with logic resources with code. The card reader 514has a unique identifier and associated cryptographic key. The same codeis used to produce an encrypted and signed signal. The encrypted andsigned signal, that includes the card reader identifier, is delivered tothe mobile device 516. The mobile device 516 sends an encrypted andsigned packet to a back end of a payment system. A cryptographic key isused to decrypt and verify the contents of the packet at the back end.Non-encrypted card 520 information is sent to a payment gateway.

The packet can contain both encrypted and non-encrypted data. Thesignature can be used to verify that the data has not been modified. Inone embodiment, the encrypted and signed packet includes an identifierthat is unique to the card reader 510. The cryptographic key associatedwith the card reader 510 is derived from a master secret and the cardreader's unique identifier. The master secret can be created in ahardware security module and never transmitted to or shared with thecard reader 510 manufacturing facility, payment gateway, mobile devices,or any other third party.

The back end derives the cryptographic key used to encrypt a packetbased on the unique identifier contained within the packet. In oneembodiment, the back end uses a block cipher algorithm to decrypt andverify the contents of the packet, and the CCFB+H cipher mode to decryptand verify the contents of the packet.

An acknowledgment of successful or unsuccessful transactions can be sentfrom the back-end to the mobile device. Selected information about thepacket and transaction can be stored at the back-end and used for datamining. The stored information can be used for communicating to apurchaser relative to the purchaser's purchasing history and activity.

In one embodiment, the encrypted and signed signal is created by themicrocontroller 526 with no more than 8 kilobytes of code. Themicrocontroller 526 can be used to recalculate a bit period in real timeto capture variable-speed swipes. Additionally, the microcontroller 526can be used to parse and error-check card 520 data. In one embodiment,the microcontroller 526 is used to run periodic checksums on code andmemory.

Thresholds can be used to filter out erroneous data and/or false edges.The microcontroller 526 can be used to determine 1's and 0's by checkingthe frequency of polarity changes within a bit period.

The foregoing description of various embodiments of the claimed subjectmatter has been provided for the purposes of illustration anddescription. It is not intended to be exhaustive or to limit the claimedsubject matter to the precise forms disclosed. Many modifications andvariations will be apparent to the practitioner skilled in the art.Particularly, while the concept “component” is used in the embodimentsof the systems and methods described above, it will be evident that suchconcept can be interchangeably used with equivalent concepts such as,class, method, type, interface, module, object model, and other suitableconcepts. Embodiments were chosen and described in order to bestdescribe the principles of the invention and its practical application,thereby enabling others skilled in the relevant art to understand theclaimed subject matter, the various embodiments and with variousmodifications that are suited to the particular use contemplated.

1. A decoding system, comprising: a decoding engine running on a mobiledevice, the decoding engine in operation decoding signals produced froma read of a buyer's financial transaction card, the decoding engine inoperation accepting and initializing incoming signals from a read of thebuyer's financial transaction card until the signals reach a steadystate, detecting the read of the buyer's financial transaction card oncethe incoming signals are in a steady state, identifying peaks in theincoming signals and digitizing the identified peaks in the incomingsignals into bits; a transaction engine running on the mobile device andcoupled to the decoding engine, the transaction engine in operationreceiving as its input decoded buyer financial transaction cardinformation from the decoding engine and serving as an intermediarybetween the buyer and a merchant, so that the buyer does not have toshare his/her financial transaction card information with the merchant;and the transaction engine configured to receive a card reader IDcircuitry from a card reader and transmit the card reader ID to apayment service.
 2. The decoding system of claim 1 wherein the mobiledevice is a mobile digital device.
 3. The decoding system of claim 1wherein the incoming signals are generated by swiping of the buyer'sfinancial transaction card through a card reader configured to becoupled and de-coupled with the mobile device.
 4. The decoding system ofclaim 3 wherein the incoming signals are of low quality due to one ormore of: low quality of data read from a single and/or low density trackof a magnetic stripe of the card, sampling speed limitations of themobile device, and noise introduced into the mobile device.
 5. Thedecoding system of claim 1 wherein the decoding engine in operationdetects presence of the read of the buyer's financial transaction cardby looking for points in the incoming signals that exceed a minimumsignal amplitude threshold.
 6. The decoding system of claim 1 whereinthe decoding engine in operation detects presence of the read of thebuyer's financial transaction card by capturing signals of interest inthe incoming signals via Fast Fourier Transform (FFT).
 7. The decodingsystem of claim 1 wherein the decoding engine in operation detects peaksin the incoming signals to be resistant to ringing in the incomingsignals.
 8. The decoding system of claim 1 wherein the decoding enginein operation detects peaks in the incoming signals to be resistant toscratches in the card that cause slow quality or false peak informationto manifest in the incoming signals.
 9. The decoding system of claim 1wherein the decoding engine in operation detects peaks in the incomingsignals by looking for local maxima and minima within a window ofdigital samples.
 10. The decoding system of claim 1 wherein the decodingengine in operation identifies the track from which data of the incomingsignals are read through the read of the buyer's financial transactioncard when only one track of data in a magnetic stripe of the buyer'sfinancial transaction card is read.
 11. The decoding system of claim 1wherein the decoding engine in operation digitizes the identified peaksin the incoming signals into bits only by checking and comparingpolarities of peaks.
 12. The decoding system of claim 1 wherein thedecoding engine in operation combines various peak detection anddigitization approaches to cover various ranges of degradation inquality of the input signals read.
 13. The decoding system of claim 1wherein the decoding engine in operation chooses and optimizes differentprocess combinations and parameters depending on hardware platform ofthe mobile device.
 14. The decoding system of claim 1 wherein thedecoding engine in operation scales and adjusts decoding to account forat least one of, different amounts of noise, sampling speed variations,signal ringing, and a swipe direction of the buyer's financialtransaction card when the buyer's financial card is swiped through aslot of a card reader.
 15. The decoding system of claim 1, wherein anoutput jack signal received by a card reader coupled to the mobiledevice is an encrypted output jack signal.
 16. The decoding system ofclaim 15, wherein the output jack signal is an encrypted and signedoutput jack signal.
 17. The decoding system of claim 1, wherein the cardreader includes a front end with an amplifier/filter, differentiator anda comparator.
 18. The decoding system of claim 17, wherein the front endfurther includes wake-up electronics.
 19. The decoding system of claim18, wherein the wake-up electronics is a wake-up circuit.